CYBER LAWS IN INDIA

Pages

Friday, November 6, 2015

When we hear of fields like cyber
security and cyber forensics, technology companies come to our mind. As
the demands of clients have significantly increased, many non
traditional professionals have also started providing services in these
areas. One such professional branch is legal fraternity that has started
providing services for areas like forensics audit, cyber forensics,
cyber security, e-discovery, etc.

In the year 2002, Perry4Law Organisation (P4LO) was established and its segment Perry4Law Law Firm
is the first and exclusive techno legal law firm of India. With more
than a decade experience, P4LO and Perry4Law Law Firm have catered the
needs of national and international clients in various techno legal
fields.

Dalal is also a strong advocate of cyber
and data security. No Client would be happy if its/his/her confidential
and sensitive documents are obtained through cracking/hacking the Law
Firm Website or Database, opines Dalal. Perry4Law Law Firm uses the
“Best Cyber Security Practices” recommended by International
Organisations, informs Dalal.

With international level of techno legal
expertise, P4LO and Perry4Law Law Firm are class apart and world leaders
in techno legal services. Other Law Firms of India must also start
providing services in techno legal fields if they have the requisite
expertise in this regard.

Merging of technology and law raises interesting
techno legal issues that are not easy to handle. There are very few
organisations or individuals that can manage techno legal issues in
India and world wide. Perry4Law
Organisation (P4LO) is one such organisation that handles unique
and qualitative techno legal services in fields like cyber law, cyber
security, cyber forensics, e-discovery, etc. One such initiative is
known as Global
Techno Legal News and Views.

Some of the interesting post of the blog are:

(1) Non Mandatory Aadhaar: The matter
pertaining to legality and constitutionality of Aadhaar project is
pending before the Supreme Court of India. The Central Government has
been maintaining that Aadhaar is not
mandatory but for all practical purposes it has been made
mandatory by Indian Government.

(2) Digital India: Digital
India project of India is an ambitious but troublesome
initiative as it is suffering from numerous shortcomings. This is
the reason that the Digital India project is heading towards rough
waters. In fact, Digital India is the biggest digital
panopticon of India so far. There is an urgent need to make it
legal and constitutional.

(3) Carbanak Malware: The notorious
malware Carbanak was instrumental in stealing
about a Billion US Dollars from financial institutions worldwide.
Vskimmer
Trojan, capable of stealing credit card information from
Windows systems, was already in circulation. Similarly, the Malware
Dump Memory Grabber was also targeting POS systems and ATMs
of major U.S. banks. These malware were creating havoc in India and
international levels.

(4) Censorship By Twitter: In an
unexpected move, Twitter has been censoring tweets relating to topics
like Aadhaar,
Digital
India, etc. Till the time of writing of this post, Twitter is
still
censoring topics like Aadhaar, Digital India, etc.

(5) Hardware Spyware: Kaspersky has
revealed that intelligence agencies have been using
hardware based stealth spyware. These hard drives are manufactured by
Western Digital, Seagate, Toshiba and other top manufacturers,
thereby making their use a potential cyber hazard.

(6) FBI Search Warrants: Recently a
proposal was made to expand the search warrant powers of FBI. Google
opposed the same and openly conveyed its dissent
for the proposed US Justice Department proposal to expand federal
powers to search and seize digital data, warning that the changes
would open the door to US “government hacking of any facility” in
the world.

(7) Lenovo Adware: Lenovo has been
accused of pre
installing Adware in laptops thereby compromising their security.
Users have complained that a programme called Superfish pre-installed
by Lenovo on consumer laptops was “Adware”, or software that
automatically displays adverts.

(8) Microsoft Cloud Computing: It has
been reported
that Microsoft has adopted a new standard for cloud privacy that
commits the company to protect the privacy of customers’ data, not
to use it for advertisement purposes, and to inform the customer of
legal requests for personal data. Google along with other companies
has been fighting against e-surveillance activities of U.S. agencies.

(9) Mobile Communications Security:
Intercept has recently published an article describing that U.S. and
British spies hacked into the internal network of Gemalto in 2010
that is one of the largest manufacturers of SIM cards in the world.
They stole the encryption keys used to protect the privacy of mobile
cellular communications across the globe. These spies mined the
private communications of Gemalto engineers and employees in multiple
countries, including India. However, the most interesting revelation
comes in the form that GCHQ could not intercept keys used by mobile
operators in Pakistan, even though Pakistan is a priority target for
Western intelligence agencies. This is because Pakistanis used more
secure methods to transfer the encryption keys between the SIM
card manufacturers and Pakistani mobile operators.

(10) Lawyers Communications: Recently
a British court ruled that the U.S. – U.K. surveillance regime was
unlawful for seven years. This means that the regime has also failed
to comply with the European convention on human rights. U.K.
government is already
facing a trial where it has been accused of unlawfully
intercepted conversations between lawyers and their clients.

(11) Online Card Games: Some online
gaming stakeholders in India have approached the Supreme Court of
India to get clarity on the legality of online games like rummy,
poker, etc. In response of the same, the Supreme Court asked the
opinion of Central Government in this regard but the same has been
informally denied by the Central Government. This means that till the
time Supreme Court actually says that online rummy, online poker and
online card games are legal in India, majority of these gaming
stakeholders may be exposing themselves to legal risks and civil and
criminal liabilities. Now that the Supreme Court of India has finally
refused
to decided legality of online poker and online rummy in India,
online
card games websites may be legally
risky if not properly drafted and managed.

(12) Internet Safety Campaign: Indian
government has announced that an Internet
safety campaign would be started very soon in India. From the
media reports it seems that the awareness drive would cover all
stakeholders ranging from school level to government departments.

(14) E-Mail Policy: Indian government
has been struggling long to formulate and implement the e-mail
policy of India. This is important for India as sensitive
documents cannot be transferred out of India as per Indian laws like
Public
Records Act, 1993. Even Delhi High Court is analysing
the e-mail policy of India and has shown its displeasure over slow
action on the part of Indian government in this regard. It has now
been reported
that Indian government has decided to ban the use of Gmail or any
other private email for official communication across all its
organisations, and make it mandatory for them to migrate to email
services provided by the National Informatics Centre (NIC).

(15) CISO Of India: In a significant
move, the Prime Minister’s Office (PMO) has appointed
Dr. Gulshan Rai as the first Chief Information Security Officer
(CISO) of India. This would go a long way in ensuring critical
infrastructure protection in India (PDF). We also strongly
recommend that a revised Cyber
Security Policy of India 2015 must be drafted by Modi Government
that must address cyber security issues in a more comprehensive and
holistic manner. Further, international
legal issues of cyber attacks must also be considered well in
advance by Indian Government. Perry4Law Organisation (P4LO) has
released a research
paper on international legal issues of cyber security and cyber
attacks and the same can be considered by Indian Government while
strengthening Indian cyber security capabilities.

(16) Anti Bullying Committee: Cyber
bullying in India is a big nuisance with practically no remedies.
However, things would be changed very soon with the issuance of CBSE
Guidelines for Prevention of Bullying and Ragging in Schools 9th
March 2015, Reg: (D.O. No. 12-19/2012-RMSA-I) (PDF). Due to
increasing cases of physical and cyber-bullying of students, Central
Board of Secondary Education (CBSE) has directed
all its affiliated schools to form an anti-bullying committee. The
committee should comprise of vice-principal, a senior teacher, school
doctor, counsellor, parent-teacher representative, school management
representative, legal representative and peer educators. CBSE also
directed the schools to tackle
sexual abuses and strictly implement POCSO Act 2012.

(17) Technology Companies Regulations:
Dealing with technology and foreign companies is a big challenge for
Indian government. Whether it is taxation aspects or applicability of
Indian laws to such companies, India has not been able to achieve a
success in this regard so far. There is also a lack of legal
framework to govern such technology and foreign companies in India as
on date. At Perry4Law Organisation (P4LO) and Perry4Law’s
Techno Legal Base (PTLB) we have been suggesting techno
legal frameworks in this regard from time to time. We at P4LO and
PTLB welcome this support of Indian Government and various
stakeholders to our suggestions and recommendations from time to
time. However, we strongly recommend that we need a comprehensive
techno legal framework in this regard especially if we have to make
the “Made in India” and “Digital India” projects successful.

(18) Killer USB: A Russian
hacker/researcher created a killer
USB that can crash the victim system once the modified/hacked USB
is plugged into it. The basic idea of the USB drive is quite simple.
When we connect it up to the USB port, an inverting DC/DC converter
runs and charges capacitors to -110V. When the voltage is reached,
the DC/DC is switched off. At the same time, the filed transistor
opens. It is used to apply the -110V to signal lines of the USB
interface. When the voltage on capacitors increases to -7V, the
transistor closes and the DC/DC starts. The loop runs till everything
possible is broken down.

(19) Traffic Routing: Networks and
systems need to trust each other to make the Internet function in a
speedier manner. If one system or service provider falters, the
services of other may be hampered. In one such incidence, users
around the world were not
able to access Google’s service for a short period of time due
to a technical glitch. Users were cut off due to the routing leak
from Indian broadband Internet provider Hathway. The leak is similar
to a 2012 incident caused by an Indonesian ISP, which took Google
offline for 30 minutes worldwide.

(20) Grid Security Expert System (GSES): A
Grid
Security Expert System (GSES) of India has been proposed to
be developed by Powergrid. Cyber
security of automated power grids of India is need of the
hour. It is only after a massive
power blackout in 2012 that Indian government has woken up to
the dangers of cyber
attacks against Indian power sector. GSES would involve
installation of knowledge based Supervisory Control and Data
Acquisition (SCADA) system, numerical relays and Remote Terminal
units upto 132 kV stations and the reliable Optical fibre Ground wire
(OPGW) communication system at an estimated cost of around Rupees
1200 crores. The objective of the GSES is implementation of the
Automatic Defense mechanism to facilitate reliable and secure grid
operation.

(21) Cyber Law Due Diligence: Cyber
law due diligence received a major
jolt when the Supreme Court of India read
down the internet intermediary due diligence requirements. The
main problem seems to be reading down of Section 79(3) (b) and Rule
3(4) By Supreme Court in a manner that would be counter
productive in the long run. In fact, reading down of Section
79(3) (b) and Rule 3(4) is more
problem than solution as the Supreme Court erred
in adopting this approach.

(22) SEBI And Cyber Security: It has
been reported
that SEBI has expanded the ambit of its Technical Advisory Committee
(TAC) to include cyber security of the markets. CECSRDI
welcomes this move of SEBI and is committed to help it in every
possible manner to achieve this benign cyber security objective.

(23) E-Police Station: An e-police
station in Delhi would register online FIR for motor vehicle
theft cases. The pilot project of the “Motor Vehicle Theft (MVT)
Application” is now accessible on mobiles and computers. Presently
this facility is available only for police stations in South Delhi
and the same will be extended to entire Delhi after sorting out
technical glitches and other problems.

(24) Social Media Compliances: Social
media websites are not
complying with laws of India. India’s struggle against social
media websites to fall in line with Indian laws continues even in
Narendra Modi’s regime. To make the matter worst we have no social
media laws in India or any effective and implementable social
media policy of India. Of course, a new framework for use of
social media by governmental organisations has been suggested by
Indian government in the past but that is of little help in solving
the present problem at hand. The real solution, according to Praveen
Dalal, is formulation of a techno legal framework that can
address the diverse and complicated issues of cyberspace in India. In
short, social networking laws in India need clarity
and codification.

(25) MPPEB Scam: MPPEB scam has become
an investigation nightmare for the law enforcement agencies of India.
The credibility and reliability of evidence
is in question on the one hand and unresolved
cyber forensics issues are on the other hand. Scientific
investigation methodology is still to be used in the investigation of
MPPEB scam.

(26) IT Subsidiary Of RBI: The Reserve
Bank of India (RBI) has showed its commitment to fight against cyber
crimes and financial frauds by declaring that an information
technology driven subsidiary would
be established by it to deal with cyber nuisances. This IT
subsidiary of RBI would also deal with cyber security and related
issues with a special focus upon banking related technology issues.
The IT subsidiary of RBI would also evaluate the technical
capabilities of banks that is almost missing as on date.

(27) Privacy Invasive Software: The
Supreme Court of India has asked the Indian Government to clarify
upon privacy
invasive software and mobile applications. Supreme Court of India
has taken a serious note of the software and mobile applications that
can be used to extract private information from smartphones.

(28) Smart Cities In India: Smart
cities in India have been proposed to be established in near future.
However, smart cities in India may face cyber
security and civil
liberties issues that are left unresolved by Indian Government.

About
four years back, India's leading techno legal ICT law firm Perry4Law
wrote about cyber
security legal practice in
India. The article was very clear in its message that techno legal
fields like cyber law, cyber security, cyber forensics, cyber
warfare, cyber terrorism, etc are not the preferred field of legal
practice for law firms and lawyers in India and other countries. The
main reason for avoiding cyber security legal practice was lack of
expertise to manage complicated cyber security related issues. Only
law firms like Perry4Law have been managing
techno legal issues of cyber security, cyber law, cyber forensics,
e-discovery, etc in India so far.

Then came the positive development and lawyers and law firms
started
exploring the areas like
cyber law, cyber security, cyber forensics, etc. Although the number
of such lawyers/law firms is negligible yet the growing interest in
the techno legal fields would increase
such numbers in future. Further, techno legal issues would also
change the way traditional businesses and transactions would be
carried out in future. For instance concepts like cyber
insurance, online dispute
resolution, e-courts, digital evidencing and e-discovery, media
forensics, cyber forensics, etc would be very much used in future.

However, technology laws have their own peculiar problems. Cyber
laws are generally curative in nature as against the desirable
preventive requirements. They are formulated keeping in mind the
crimes/cyber crimes that have already taken place instead of what
cyber crimes can possibly happen in future. In short, cyber laws must
be “futuristic” in nature as against “historical” in their
applicability. This brings novel legal challenges before lawyers and
law firms as cyber security legal practice becomes very challenging
and research oriented field.

With issues like cyber espionage and cyber warfare, the
traditional armed forces and legal fraternity are now collaborating
upon a very unique platform where lawyers need to have a sound
knowledge of both law and technology. It seems the techno legal
community alone would be able to dare to explore issues like cyber
law, cyber security, etc in future.

Wednesday, November 4, 2015

Online legal
education in India is still at the infancy stage. In fact, the
concept of online education has not been accepted with full heart in
India so far. Another area of concern is the academic nature of our
educational system where there is no real choice between skills
and degree. A blind race
to acquire a degree would not bring any tangible benefits except
unemployment and frustration. This is the reason why India must
stress upon skill based education and trainings.

Skills based education
and training can be effectively imparted if we adopt online education
or e-learning methodology. This is more so in the legal education
field that has mostly remained untouched by the use of information
technology for educational purposes.

Perry4Law’s
Techno Legal Base (PTLB)
has been working in the direction of establishment and working of
online legal education in India for
long. Not only this, PTLB
Virtual Campus is also
providing many techno legal skills development, training and
education courses in India and around the world through online
education, distance
learning and e-learning modes. We are also helping young school
children in choosing the most appropriate courses for legal
career. However, our
courses have been designed for stakeholders ranging from school
children to teaching faculties.

The aim of these
two initiatives and other educational projects of PTLB is to impart
online legal education ranging from traditional fields to the most
contemporary topics. For instance, PTLB has been managing online
cyber law education in India
for long. Cyber law is a contemporary legal area that requires techno
legal expertise. There are very few cyber law education institutions
in India and even lesser are cyber law experts in India. Thus, the
demand for cyber law professionals is very great in India and other
jurisdictions.

PTLB is in the course
of adding and introducing novel, qualitative and highly efficient
training, skills development and education tools and technologies. We
are also introducing some very unique and highly required techno
legal and other courses that are not properly represented in present
times. PTLB is also exploring tie ups and collaborations with
universities, colleges and other online learning platforms in India
and abroad.

Our initial idea is to
use PTLB Virtual Campus for various techno legal courses, trainings
and skills development programs like cyber law, cyber security, cyber
forensics, etc. Whereas we intend to use Virtual Law Campus for legal
fields and law courses that are imparted in universities and
colleges. However, both Virtual Legal Education Campus (VLES) and
Virtual Law Campus (VLC) would primarily cater the requirements of
legal courses, trainings and skills developments initiatives though
we may add other techno legal courses as well. PTLB would share more
details about PTLB Virtual Campus, VLEC and VLC very soon.

Unfortunately, most of the interpretations and
observations regarding the judgment of Supreme Court were directed
towards Section 66A alone and the issue of cyber law due diligence
was totally ignored. This has serious ramifications for all cyber
victims whose locus standi has been taken away by the Supreme Court
to approach the Intermediary.

It is of utmost importance that this issue must be
discussed in great detail and then taken up before the Supreme Court
through a review petition. Similarly, the collective inputs can also
be shared with Indian government and Parliament so that they can come
up with a more potent and effective cyber law due diligence
requirement in India.

If you are a cyber victim or you know a person who
has been a cyber victim, please share your views through this
petition and review. Your views would shape the cyber law of India
and make it more meaningful. If you have ever suffered from
harassment over e-mail, SMS, chatting, Social media, etc or you know
a person who has been so harassed, then please share your views at
the petition/survey page. Collectively let us make a responsible
cyber society and culture in India.

Sunday, March 15, 2015

Digital India is a promising initiative of Indian
Government. However, like any new and good project, Digital India is
also suffering from many shortcomings and weaknesses. It is
imperative on the part of Indian Government to remove these
limitations of Digital India project instead of suppressing the same.
It is also important that any critical view or suggestion regarding
Digital India project must not be either suppressed or censored by
Indian Government or technology platforms like Google, Twitter, etc.

This post is sharing the critical and other views
and recommendations of Praveen
Dalal regarding Digital India and Aadhaar Projects that
have been shared at Twitter for public at large but are not easy to
find due to censorship activities. These are as follows:

This consolidate list would provide a readymade
reference list of all Digital India and Aadhaar related critical
views and opinions of Praveen Dalal at a single place. We hope our
readers would find this post and these tweets useful and productive.

Monday, January 5, 2015

Cyberspace is becoming a complicated zone to handle
and manage. Every country is trying its level best to adjust its
affairs in cyberspace. However, cyber criminals and cyber attacks are
much more ahead and advance than their prevention and remedies.

India is a late
entrant in cyber security field as it never gave
importance to cyber security related issues. In face, the research
works titled cyber security developments 2013
(pdf) and 2014
of Perry4Law
Organisation have shown many weaknesses in the cyber
security infrastructure of India.

According to the projections
made by Centre
of Excellence for Cyber Security Research and Development in India
(CECSRDI), there are many complicated cyber security
challenges that are waiting for India in the year 2015. Some of the
areas of concern pointed out by CECSRDI are international legal
aspects of cyber security, state sponsored cyber attacks, increasing
use of malware, cyber espionage, cloud computing adoption in India,
mobile security and mobile governance issues, critical infrastructure
protection requirements in India, etc.

The cyber security trends have also projected that
malware like Stuxnet, Duqu, Flame, etc would be used more
aggressively in the year 2015. These malware are not only stealth but
they are also too sophisticated to be detected by India. Let us hope
that Indian government would consider cyber security as a top
priority area in the year 2015.

Sunday, September 14, 2014

Information technology Act 2000 (IT Act 2000)
carries provisions pertaining to e-governance and e-commerce.
However, IT Act 2000 has outlives its importance and it is high time
to enact dedicated laws for e-governance and e-commerce in India.
This though of dedicated laws brings discomfort and uneasiness to the
Indian government and hence it always chooses the easy path of bring
piecemeal amendments in the existing laws. Of course, this is not a
productive exercise in the long run and it brings unforeseen and
unproductive results.

Now once again Indian government has decided to
amend the IT Act 2000 to accommodate the e-commerce concerns. We have
no dedicated e-commerce
laws in India and barring few provisions in the IT Act,
2000, e-commerce in India is largely unregulated. As a result
regulatory violation by Indian e-commerce websites is in abundance.
In fact, e-commerce websites of India are under enforcement
directorate scanner.

Indian government intends to streamline e-commerce
laws in India by bringing a law in the form of Communications
Convergence Bill. The government plans to modify the IT Act, 2000 to
provide legal recognition for transactions carried out using
electronic data interchange and other means of electronic
communications in a more explicit manner. It also aims to draft a set
of globally acceptable guidelines to increase the legal
predictability for e-commerce and adopt the United Nations General
Assembly's (UNGA) recommended Model
Law on Electronic Commerce (MLFC).

This is a good policy decision by Indian government
and it would bring uniformity and legal certainty among e-commerce
entrepreneurs of India.

Monday, July 21, 2014

Aadhaar initiative is one of the most draconian and
unwanted initiative that has been forced upon Indian citizens by our
respective governments. Whether it is Congress or BJP, both have been
wasting public financial resources upon an illegal and
unconstitutional
project like Aadhaar.

What is really surprising is the fact that all this
is happening despite the fact that the Supreme Court of India has
declared that Aadhaar cannot
be made compulsory by Indian government. However,
government departments and authorities in India are openly flouting
this direction of the apex court and are committing contempt of
court.

There was a dire need for the Modi government to
scrap
the Aadhaar project. However, Modi government preferred to
keep the project alive for reasons best known to it. Experts believe
that although the Modi government has allocated a big sum for Aadhaar
project yet it cannot legally spend the same upon Aadhaar project
till legal and technical infirmities are removed first. Otherwise, it
would be another round of booty
sharing of hard earned public money.

Legality of Aadhaar project has already been
questioned
before many courts including the apex court of India. Till now the
real intentions of Indian government has come to light. The façade
of public and welfare services is no more applicable to Aadhaar
project as there is no element of welfare activities in the Aadhaar
project. In fact, Indian government is hiding
truth from Indian citizens in this regard and is all
committed to violate our civil liberties.

There is no doubt that privacy
is a basic human right that no government can take away.
However, Indian government is not respecting this human right and is
indulging in illegal and unaccountable e-surveillance and snooping.
Instead of ensuring
privacy rights in India, India is supporting
countries like US for illegal e-surveillance upon Indian citizens.

Modi government must not fool Indians by portraying
Aadhaar as a welfare project and must scrap the same till proper
constitutional and legal
safeguards are put in place. Indians must not enroll for
Aadhaar no matter whatever arm twisting tactics are adopted by the
Indian government in this regard.

Wednesday, June 11, 2014

Cyber security is a complex mechanism that combines
both technology and legal aspects. Further, cyber security also
involves conflict
of laws in cyberspace on the one hand and civil
liberties protection in cyberspace on the other hand. The
former is involved when the conflicting laws of two nations are
involved that is usually the case these days. The latter comes into
picture when the cyberspace policy of a nation is used to the
detriment of the other as usually happens in the case of
e-surveillance activities. Naturally international
cooperation in the field of cyber
security is need of the hour.

As cyber
security breaches are increasing world over, both national
and international stakeholders must deliberate upon this issue. The
sooner this is done the better it would be for the cyberspace at
large.

Monday, June 2, 2014

India has not been very receptive to the plights and
rights of disabled population. Whether it is educational institutions
or public employments, disabled population in India is always at the
disadvantageous position. Whatever little efforts that have come to
rescue of these people they have come from private individuals with
no profit motive. One such initiative has been undertaken by a team
of four girls from the Vishwakarma Institute of Information
Technology (VIIT) who have developed
an android application to bridge the communication gap that exists
between hearing and speech impaired people and normal beings.

In an attempt to utilise their technical skills
for a social cause, four students in their final year of
engineering—Apeksha Bhat, Shubhangi Yerolkar, Nisha Advani and
Sayali Bora—have developed this app that may prove handy. Their
efforts need to be taken further on a large scale and in other
directions as well.

The application in question converts the sign
language into speech that will help a hearing and speech impaired
person talk to people who do not understand sign language.
Conversely, the hearing and speech impaired person can know what the
other person speaks as the application also converts verbal language
back into sign language.

Talking about what differentiates their app from
others in the market, Bhat says, “Designing an app in Hindi and
only using the Indian Standard Sign Language was the most-difficult
aspect of the whole development process. It is this feature that
distinguishes our app from the others in the Android market and serve
a similar purpose”.

For the project, the girls visited the Aadhar
Deaf School located at Bibvewadi, Pune, where they researched to
understand the special needs of the hearing impaired
students. “Sitting in their classrooms, interacting with their
faculty and the principal was an eye-opener for us. We were inspired
to contribute in whatever small way we could to bridge the
communication gap between them and us,” said Yerolkar. While
encourage the initiative, Bilavari Karkare, principal, VIIT, Pune,
has asked the college management to sponsor a smartphone with the app
installed to the Aadhar Deaf School.

I hope Indian government would encourage these
courageous and public spirited young girls in the larger interest of
Indian population that needs special facilities.

Friday, May 9, 2014

Encryption technology is being considered to be a
good solution of many online evils. Encryption can protect
individuals and companies from cyber threats, intellectual property
thefts, corporate and cyber espionage and so on. Encryption can also
help in protecting the intellectual property.

Protection of a software source code is considered
to be a tedious job. The problem is that if we encrypt the source cod
of software it may hinder its functionality and may render it
useless. Sanjam Garg, a graduate of the Indian Institute of
Technology, Delhi, has solved this problem and won the 2013 Doctoral
Dissertation Award for developing a technique to protect such source
codes.

He invented
a breakthrough cryptography technology that enables the first secure
solution to the problem of making computer programme code
“unintelligible” while preserving its functionality. This
problem, known as software obfuscation, conceals the programme's
purpose or its logic in order to prevent tampering, deter reverse
engineering, or pose a challenge to readers of the source code.

Garg described new mathematical tools that serve as
key ingredients for transforming a program into a “jigsaw puzzle”
of encrypted pieces. Corresponding to each input is a unique set of
puzzle pieces that, when assembled; reveal the output of the
programme. Security of the obfuscated programme hinges on the fact
that illegitimate combinations of the puzzle pieces do not reveal
anything.

Monday, March 31, 2014

Corporate law firm Perry4Law
has provided a list
of provisions of the Companies Act, 2013 and the rules
2014 under it. These rules and relevant provisions have been notified
by Indian government from time to time. They have become operations
from today i.e. 01-04-2014 hence Indian companies are required to
make necessary compliances with them in due course of time.

This list would be updated from time to time by
Perry4Law. Please bookmark this
page so that you can have updated information about Indian
Companies Act, 2013 and Rules/Notifications made thereunder form time
to time.

At the same time regulatory compliances have also
significantly increased in India in the telecom related fields. For
instance telecom
due diligence compliances is required to be ensured by
foreign investors and those interested in M&A with Indian
companies. Further, telecom stakeholders exploring the M&A route
must also comply with the Internet
intermediaries requirements and cyber
law due diligence requirements (PDF) as prescribed by the
Information Technology Act, 2000 (IT Act 2000).

The reaction of national and international telecom
stakeholders are mixed in nature. Some have considered these steps as
reformatory while others believe that these steps would not make much
change in the existing circumstances and telecom environment. Only
time would tell who is right in this regard.

Monday, February 3, 2014

The healthcare sector of India is heading towards a
big growth trajectory. Reports from many research organisations have
shown that if India takes care of some health related aspects, then
India can be greatly benefitted by this healthcare revolution. The
corporate environment of India is also changing
this is a good sign for healthcare industry of India.

Mobile handsets are increasingly being used to
delivery numerous services in India. From mobile banking to online
ticket reservations, everything can be managed from mobiles these
days. The health sector is also utilised mobile technology to expand
its services to areas that are not available through traditional
medical science methods.

Mobile health or m-health is a contemporary concept
in India. It has tremendous reach and it can reach even to the
remotest areas of India where the traditional medical facilities
cannot be provided.

However, along with increasing use of m-health in
India its use must be suitably regulated by Indian government.
Although we have no dedicated m-health
laws in India yet m-health is presently regulated through
legal provisions that can be found in different legislations.

According to New Delhi based ICT law firm Perry4Law,
m-health legal requirements are not
duly complied with by the m-health service providers of
India. Legal compliances for privacy, data protection, data security,
cyber security, cloud computing compliances, etc are still not
adhered to by a dominant majority of m-health service providers in
India, says Perry4Law.

This would make these m-health service providers
liable to multiple legal proceedings and cases. M-health service
providers are internet intermediary within the meaning of
Intermediary guidelines as prescribed by Indian government. They
are also required to follow cyber law due diligence so that civil and
criminal provisions under the information technology act 2000 cannot
be invoked against them.

Judged by these legal standards, it is obvious that
the m-health service providers in India and not complying with legal
requirements at any stage and of any level. This would make them
vulnerable to a host of legal actions when Indian government would
become aware of these illegalities and irregularities.

Sunday, January 26, 2014

Online
gaming industry in India is fast maturing and it is moving
towards a consolidation. Both regulatory environment and business
mood is hinting towards a positive report about online gaming
industry of India. As the online gaming business essentially involves
use of information and communication technology (ICT), certain legal
precautions are essential to be observed.

Till now we have no dedicated online
gaming and gambling laws in India. This has created an
atmosphere of uncertainty and fear among the online gaming
entrepreneurs in India. This is also the reason why very few players
have entered into the online gaming arena of India.

For instance, legality of online poker in India is
still a grey area. It is neither legal nor illegal. Just like
Bitcoins
exchanges operating in India, online
poker websites operating in India can be either legal or
illegal. It all depends how an online poker website is managed in
India. If it is complying with all the applicable laws and
regulations, it is legal to play online poker otherwise it is
illegal.

Governments around the world are trying to regulate
online gaming and gambling activities. Recently, the United Kingdom
asked the Internet service providers (ISPs) to insert warning pages
for unlicensed gambling websites. However, the ISPs
refused to comply with this demand. Similarly, Singapore
is planning
to ban online gaming and enact laws in this regard. India
is also planning an anti
match fixing law that may cover online betting as well.

On the other hand, governments are also trying to
liberalise the online gaming segment. The U.K. Gaming (Licensing and
Advertising) Bill has passed
the third reading in the House of Commons. Similarly, a
good
start for Internet and online gambling in New Jersey has
already taken place and there are very good signs that online poker
would be allowed
in United States very soon.

Back in India the regulatory environment for online
gaming is fast changing. Games like poker and rummy are finding
support of both community and legal and judicial fraternity.
According to Praveen Dalal, managing partner of New Delhi based IT
law firm Perry4Law,
the High Courts in India are protecting “Games of Skills” from
the Criminal actions. Recently, the Bangalore High Court in Kirana
S v. State of Karnataka Criminal Petition No. 76482013
(Pdf) held that playing Rummy is not a Criminal Offence as it
involved “Application of Skills”, inform Dalal. In fact, another
related matter is pending before the Supreme Court of India and the
Judgment of Supreme Court would decide the fate of Online Gaming
Industry of India, opines Dalal.

It seems this is a good time to start online gaming
businesses in India However, before doing so it would be a prudent
exercise to consult a good techno legal law firm regarding regulatory
compliances as any deviance may create troubles for the
entrepreneurs.